Linksys Vulnerability Vendor: Linksys Affected Products: RE6500, RE6250, RE6300, RE6350, RE7000, RE9000 Affected Versions: - RE6500 (1.0.013.001) - RE6250 (1.0.04.001) - RE6300 (1.2.07.001) - RE6350 (1.0.04.001) - RE7000 (1.1.05.003) - RE9000 (1.0.04.002) Vulnerability Type: Stack Overflow Author: Jiaqian Peng Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS) Vulnerability Description We found a stack overflow vulnerability in Linksys routers with certain firmware versions. This vulnerability allows remote attackers to crash the server. Stack Overflow In the binary: In the function, is directly passed by the attacker. If the data is too long, it will cause a stack overflow, leading to arbitrary code execution. The parameter is directly copied to a local variable on the stack, overriding the return address of the function and causing buffer overflow. PoC Result The target router crashes and cannot provide services correctly and persistently.